youds
Hi guys,
Please see https://intodns.com/youds.com and https://dns.google.com/query?name=youds.com&type=ANY&dnssec=true
Here is the result of dig from the server itself:
Everything seems to be working fine.
However, please see the output of the following commands from a desktop client:
Here are my config files:
/etc/named.conf
/etc/resolv.conf
/var/named/youds.com.db
I have followed the following steps in DirectAdmin:
I have opened TCP and UDP port 53 in CSF (my firewall program).
Can someone point me in the right direction?
Many thanks
Please see https://intodns.com/youds.com and https://dns.google.com/query?name=youds.com&type=ANY&dnssec=true
Here is the result of dig from the server itself:
Code:
[root@saturn ~]# dig youds.com
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.3 <<>> youds.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45992
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;youds.com. IN A
;; ANSWER SECTION:
youds.com. 14400 IN A 149.202.64.33
;; AUTHORITY SECTION:
youds.com. 14400 IN NS ns2.youds.com.
youds.com. 14400 IN NS ns1.youds.com.
;; ADDITIONAL SECTION:
ns1.youds.com. 14400 IN A 149.202.64.33
ns2.youds.com. 14400 IN A 164.132.221.0
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Jun 16 03:07:17 CEST 2017
;; MSG SIZE rcvd: 122
Everything seems to be working fine.
However, please see the output of the following commands from a desktop client:
Code:
Unknown-c4-2c-03-06-f4-b9:~ craigfairhurst$ dig ns1.youds.com @149.202.64.33
; <<>> DiG 9.8.3-P1 <<>> ns1.youds.com @149.202.64.33
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36233
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;ns1.youds.com. IN A
;; ANSWER SECTION:
ns1.youds.com. 14400 IN A 149.202.64.33
;; AUTHORITY SECTION:
youds.com. 14400 IN NS ns1.youds.com.
youds.com. 14400 IN NS ns2.youds.com.
;; ADDITIONAL SECTION:
ns2.youds.com. 14400 IN A 164.132.221.0
;; Query time: 19 msec
;; SERVER: 149.202.64.33#53(149.202.64.33)
;; WHEN: Fri Jun 16 02:09:13 2017
;; MSG SIZE rcvd: 95
Unknown-c4-2c-03-06-f4-b9:~ craigfairhurst$ dig ns2.youds.com @164.132.221.0
; <<>> DiG 9.8.3-P1 <<>> ns2.youds.com @164.132.221.0
;; global options: +cmd
;; connection timed out; no servers could be reached
Unknown-c4-2c-03-06-f4-b9:~ craigfairhurst$
Unknown-c4-2c-03-06-f4-b9:~ craigfairhurst$ nslookup youds.com
Server: 192.168.1.254
Address: 192.168.1.254#53
** server can't find youds.com: NXDOMAIN
Here are my config files:
/etc/named.conf
Code:
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
// Global named options for this host. As posted, recursion is limited to
// loopback clients, and the listen-on / allow-query / recursion statements are
// commented out, so named's built-in defaults apply to those.
// NOTE(review): no allow-transfer statement appears here or in the zone
// statements posted with this file; BIND releases of this generation allow
// zone transfers to any host by default. Confirm, and restrict transfers to
// the secondary's address if open transfers are not intended.
options {
// NOTE(review): "all" is not one of named's predefined ACL names (any, none,
// localhost, localnets), so re-enabling the listen-on lines as written would
// likely be rejected. Check with named-checkconf before un-commenting.
//listen-on port 53 { all; };
//listen-on-v6 port 53 { ::1; };
//listen-on { all; };
// Only loopback clients may recurse. A remote client that asks for recursion
// still gets authoritative answers for the local zones, plus the "recursion
// requested but not available" warning seen in the desktop dig on this page.
allow-recursion { 127.0.0.1; ::1; };
// Base directory; relative file names in this configuration resolve under it.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Left commented out, so the default (any client may query) applies; the
// remote dig against 149.202.64.33 on this page was answered accordingly.
//allow-query { localhost; };
/*
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
- If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
// Commented out: recursion stays at named's default and is gated by the
// allow-recursion list above.
//recursion yes;
// Validation applies to lookups named performs as a resolver; nothing in this
// block signs the zones served from this host.
// NOTE(review): presumably the trust anchor comes from the included
// /etc/named.root.key. Confirm.
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
// Logging: a single file channel named default_debug.
logging {
channel default_debug {
// Relative path; resolves under the "directory" option (/var/named) set in
// the options block.
file "data/named.run";
// "dynamic" makes the channel follow the server's current debug level.
severity dynamic;
};
};
// Root hints, used when named resolves names on behalf of the clients allowed
// to recurse.
zone "." IN {
type hint;
file "named.ca";
};
// Included files; their contents are not shown in this post.
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
// Both zones are served as master from files under /var/named.
// NOTE(review): no secondary (slave) configuration is visible anywhere in this
// file. If the ns2 address in the zone file (164.132.221.0) is a second IP on
// this same machine, named must be listening on it and the firewall must allow
// port 53 to it. If it is a separate machine, it needs its own copy of the
// zone. The desktop dig against that address on this page timed out.
zone "saturn.youds.com" { type master; file "/var/named/saturn.youds.com.db"; };
zone "youds.com" { type master; file "/var/named/youds.com.db"; };
/etc/resolv.conf
Code:
# Resolver list for this host: the local named on loopback first, then the two
# addresses published as ns1 and ns2 in the zone file.
nameserver 127.0.0.1
# NOTE(review): the posted named.conf allows recursion only from 127.0.0.1 and
# ::1, so lookups that fall through to the next two entries may be refused
# recursion; the second address also timed out from the desktop client. Confirm
# whether these entries are useful as fallbacks.
nameserver 149.202.64.33
nameserver 164.132.221.0
# Unqualified host names are also tried with youds.com appended.
search youds.com
/var/named/youds.com.db
Code:
; Zone data for youds.com. Default TTL for records without their own TTL:
; 14400 seconds.
$TTL 14400
; SOA: primary master ns1.youds.com., contact mailbox hostmaster.youds.com.
@ IN SOA ns1.youds.com. hostmaster.youds.com. (
2017061300 ; serial
14400 ; refresh
3600 ; retry
1209600 ; expire
86400 ) ; minimum (negative-caching TTL)
; Both nameservers are named inside the zone they serve, so outside resolvers
; depend on the delegation and glue records held by the parent zone, which are
; set through the registrar and not by this file.
; NOTE(review): on this page a direct query to 149.202.64.33 is answered while
; the desktop's own resolver returns NXDOMAIN. That would be consistent with
; missing delegation or glue at the parent. Confirm with the registrar.
youds.com. 14400 IN NS ns1.youds.com.
youds.com. 14400 IN NS ns2.youds.com.
@ 14400 IN A 149.202.64.33
ftp 14400 IN A 149.202.64.33
mail 14400 IN A 149.202.64.33
; The relative name "ns1" and the absolute name "ns1.youds.com." are the same
; owner, so this A record is listed twice (likewise ns2, and "@" versus
; "youds.com." for the apex A record).
ns1 14400 IN A 149.202.64.33
ns1.youds.com. 14400 IN A 149.202.64.33
; NOTE(review): the desktop dig against 164.132.221.0 on this page timed out.
; Confirm this is a usable host address that is bound on the server and
; reachable on port 53.
ns2 14400 IN A 164.132.221.0
ns2.youds.com. 14400 IN A 164.132.221.0
pop 14400 IN A 149.202.64.33
smtp 14400 IN A 149.202.64.33
www 14400 IN A 149.202.64.33
youds.com. 14400 IN A 149.202.64.33
; The relative target "mail" expands to mail.youds.com.
youds.com. 14400 IN MX 10 mail
; Looks like a domain-ownership verification token. TODO confirm what checks it.
ownercheck 14400 IN TXT 6b38f791
; SPF: authorises the zone's A and MX hosts plus 149.202.64.33; "~all" is a
; softfail for every other sender.
youds.com. 14400 IN TXT "v=spf1 a mx ip4:149.202.64.33 ~all"
I have followed the following steps in DirectAdmin:
- Entered IP addresses, with nameservers on 2 IP addresses
- Reseller level - configured 2 nameservers
- Administrator settings - configured 2 nameservers
- Added name server A records for domain name
I have opened TCP and UDP port 53 in CSF (my firewall program).
Can someone point me in the right direction?
Many thanks